Re: OpenPGP Minutes / Quick Summary

Jon Callas <jon@callas.org> Mon, 24 July 2006 22:36 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1G592Y-0004ga-IV for openpgp-archive@lists.ietf.org; Mon, 24 Jul 2006 18:36:42 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1G592V-0000rC-V1 for openpgp-archive@lists.ietf.org; Mon, 24 Jul 2006 18:36:42 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k6OLuFnJ092926; Mon, 24 Jul 2006 14:56:15 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k6OLuFsS092925; Mon, 24 Jul 2006 14:56:15 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from merrymeet.com (merrymeet.com [63.73.97.162]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k6OLuEqO092902 for <ietf-openpgp@imc.org>; Mon, 24 Jul 2006 14:56:14 -0700 (MST) (envelope-from jon@callas.org)
Received: from keys.merrymeet.com (keys.merrymeet.com [63.73.97.166]) (Authenticated sender: jon) by merrymeet.com (Postfix) with ESMTP id C6FDF2033D2 for <ietf-openpgp@imc.org>; Mon, 24 Jul 2006 14:56:07 -0700 (PDT)
Received: from [63.251.255.205] ([63.251.255.205]) by keys.merrymeet.com (PGP Universal service); Mon, 24 Jul 2006 14:56:07 -0700
X-PGP-Universal: processed; by keys.merrymeet.com on Mon, 24 Jul 2006 14:56:07 -0700
Mime-Version: 1.0 (Apple Message framework v752.2)
In-Reply-To: <20060720204525.310F3DA82E@mailserver8.hushmail.com>
References: <20060720204525.310F3DA82E@mailserver8.hushmail.com>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <C9B8B971-CE98-4CCB-B4E5-783314FCBB41@callas.org>
Content-Transfer-Encoding: 7bit
From: Jon Callas <jon@callas.org>
Subject: Re: OpenPGP Minutes / Quick Summary
Date: Mon, 24 Jul 2006 14:56:06 -0700
To: OpenPGP <ietf-openpgp@imc.org>
X-Mailer: Apple Mail (2.752.2)
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0a7aa2e6e558383d84476dc338324fab

On 20 Jul 2006, at 1:45 PM, <vedaal@hush.com> <vedaal@hush.com> wrote:

> a minor issue,
> is that there for some objects, there is no 'generic' OpenPGP
> object form that is identical for all OpenPGP implementations,
> (there is only a more generalized form of the packet types,
> sequence, etc.)
>
> the actual final form of the openPGP object varies somewhat with
> the implementation,
> (although each implementation can work with the forms of the
> other),
>
>
> an example of this,
> would be a message encrypted to Alice's v4 RSA key:
>
> in PGP,
> the message block armor begins with 'qA'
>
> in GnuPG,
> the same message encrypted to the same key,
> begins with 'hQ'
>

Forgive me for agreeing differently. :-)

In the case that you give, the difference is that PGP uses a marker  
packet and GnuPG doesn't. What you need to document is the existence  
of the marker packet. You might do it by creating one with  
implementation X and the other with Y, but the difference is the  
marker packet.

Similarly, we ought to give an example of different length types, old/ 
new header, and so on. Those, however, might not track systems.

(I just put in a note in the PGP bug database that says PGP should  
consider not doing marker packets.)


> it might be useful to list both variations as examples
> of the discretionary leeway available to implementors,
> and how they can leave little telltale signs that distinguish
> their own implementations,
> as long as the essentials of intercompatibility are preserved
>
>
> in order to not 'overdo' the trivia,
> i can start with a tentative list of the example types,
> and then have people suggest either addtions or deletions from the
> list
>

Yes, that's all part of the OpenPGP Bestiary, as I've been calling it.

	Jon